Blackphone vulnerability would have let attacker read messages, steal contacts and more

A recently patched vulnerability in Blackphone allowed hackers to circumvent its security measures, more or less giving them free roam of the device. If you can’t trust a device whose sole purpose is to be secure, what can you trust?

An app called SilentText that came bundled with the handset shipped with a major flaw. Mark Dowd, founder of security consultancy firm Azimuth Security, discovered a serious issue known as a type confusion vulnerability in the app while tinkering around on his newly purchased Blackphone.

This type of memory corruption flaw occurs when one data type is mistakenly interpreted as another.
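To make the bug class concrete, here is a generic illustration in C of a message field whose type tag is ignored, next to a checked accessor. It is an added example, not SilentText's code (the page gives no details of the actual flaw), and the `field` structure, function names and sample values are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A decoded message field; the tag says which union member is valid. */
typedef enum { FIELD_NUMBER, FIELD_STRING } field_type;
typedef struct {
    field_type type;
    union {
        uint64_t number;                              /* FIELD_NUMBER */
        struct { const char *ptr; size_t len; } str;  /* FIELD_STRING */
    } u;
} field;

/* Constructed sample inputs standing in for fields parsed from a message. */
static field make_number(uint64_t n) {
    field f; memset(&f, 0, sizeof f);
    f.type = FIELD_NUMBER; f.u.number = n;
    return f;
}
static field make_string(const char *s) {
    field f; memset(&f, 0, sizeof f);
    f.type = FIELD_STRING; f.u.str.ptr = s; f.u.str.len = strlen(s);
    return f;
}

/* Flawed pattern: assumes a string and never checks the tag, so a sender's
 * integer is read back as a pointer value the sender chose. */
static uintptr_t unchecked_string_addr(const field *f) {
    return (uintptr_t)f->u.str.ptr;
}

/* Hardened pattern: check the tag first and bound the copy by the
 * destination size. Returns 0 on success, -1 when the field is rejected. */
static int checked_copy_string(const field *f, char *dst, size_t dst_size) {
    if (f->type != FIELD_STRING || f->u.str.ptr == NULL) return -1;
    if (dst_size == 0 || f->u.str.len >= dst_size) return -1;
    memcpy(dst, f->u.str.ptr, f->u.str.len);
    dst[f->u.str.len] = '\0';
    return 0;
}

int main(void) {
    char buf[16];
    field n = make_number(0x41414141u), s = make_string("hello");
    printf("number read as pointer: %#lx\n", (unsigned long)unchecked_string_addr(&n));
    printf("checked, number field: %d\n", checked_copy_string(&n, buf, sizeof buf));
    printf("checked, string field: %d\n", checked_copy_string(&s, buf, sizeof buf));
    return 0;
}
```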

If exploited correctly, the flaw would have let an attacker remotely decrypt and read messages, view and steal contacts, track a Blackphone owner using the phone’s geographical location and execute malicious code on the device. The only thing a hacker would have needed in advance to pull off the exploit was the target phone’s Silent Circle ID or phone number.

Fortunately, Dowd did the right thing and reached out to the manufacturer before going public with the exploit. It has since been patched.

Blackphone first surfaced a little over a year ago. It was designed for privacy-conscious buyers following NSA whistleblower Edward Snowden’s surveillance-related revelations. Created in partnership by Silent Circle and Geeksphone, the handset runs a modified version of Android called PrivatOS. It’s available as of writing for $629.